[3.2] Release notes #8844
Merged
[3.2] Release notes #8844
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Collaborator
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
rhr323
added
>docs
pebrc
reviewed
Oct 15, 2025
rhr323
commented
Oct 27, 2025
barkbay
reviewed
Oct 29, 2025
barkbay
reviewed
Oct 29, 2025
barkbay
reviewed
Oct 29, 2025
barkbay
reviewed
Oct 29, 2025
docs/release-notes/index.md
Outdated
Comment on lines
47
to
48
| - fix(deps): update all ungrouped dependencies [#8836](https://github.com/elastic/cloud-on-k8s/pull/8836) | ||
| - fix(deps): update all ungrouped dependencies [#8826](https://github.com/elastic/cloud-on-k8s/pull/8826) |
Contributor
There was a problem hiding this comment.
This feels less useful now that the updates are grouped. (see the same section for 3.1 as a comparison: https://www.elastic.co/docs/release-notes/cloud-on-k8s#elastic-cloud-kubernetes-310-miscellaneous)
Contributor
Author
There was a problem hiding this comment.
I sorted the dependecies (+ removed some duplicates). But I see your point now, we have lots of dependency updates hidden in PRs like this:
- fix(deps): update all ungrouped dependencies [#8762](https://github.com/elastic/cloud-on-k8s/pull/8762)
- fix(deps): update all ungrouped dependencies [#8785](https://github.com/elastic/cloud-on-k8s/pull/8785)
- fix(deps): update all ungrouped dependencies [#8809](https://github.com/elastic/cloud-on-k8s/pull/8809)
- fix(deps): update all ungrouped dependencies [#8826](https://github.com/elastic/cloud-on-k8s/pull/8826)
- fix(deps): update all ungrouped dependencies [#8836](https://github.com/elastic/cloud-on-k8s/pull/8836)
It's not great, but maybe we can still keep it like this. Or should we just remove the updated dependencies section altogether?
Contributor
There was a problem hiding this comment.
Or should we just remove the updated dependencies section altogether?
If the intent is to share which versions have been updated we could use git and grep, something along the lines of:
git diff 3.1 3.2 -- go.mod \
| grep '^+' \
| grep -E '^[+[:space:]]*[a-zA-Z0-9./_-]+[[:space:]]v[0-9]+\.[0-9]+' \
| grep -v '// indirect' \
| sed -E 's/^[+[:space:]]*//'
github.com/KimMachineGun/automemlimit v0.7.4
github.com/gkampitakis/go-snaps v0.5.15
github.com/hashicorp/vault/api v1.22.0
github.com/prometheus/client_golang v1.23.2
github.com/prometheus/common v0.67.1
github.com/spf13/cobra v1.10.1
github.com/spf13/pflag v1.0.10
github.com/spf13/viper v1.21.0
github.com/stretchr/testify v1.11.1
golang.org/x/crypto v0.43.0
k8s.io/api v0.34.1
k8s.io/apimachinery v0.34.1
k8s.io/client-go v0.34.1
k8s.io/utils v0.0.0-20250604170112-4c0f3b243397
sigs.k8s.io/controller-runtime v0.22.2
sigs.k8s.io/controller-tools v0.19.0
(
My concern with a list of update all ungrouped dependencies is that it doesn’t bring much value 😕
Contributor
Author
There was a problem hiding this comment.
👍 , I updated the dependency part with the list of updates (instead of listing the PRs).
Here is an (AI generated/assisted) script that can be used in the future: #8880.
barkbay
reviewed
Oct 30, 2025
docs/release-notes/index.md
Outdated
|
|
||
| #### User Password Generation (Enterprise feature) | ||
|
|
||
| ECK will now generate longer passwords by default for the administrative user of each Elasticsearch cluster. The password is 24 characters in length by default (can be configured to a maximum of 72 characters), incorporating alphabetic and numeric characters, to make password complexity stronger. Refer to the [managed credentialss](docs-content://deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md) page for examples and more details. |
Contributor
There was a problem hiding this comment.
Suggested change
| ECK will now generate longer passwords by default for the administrative user of each Elasticsearch cluster. The password is 24 characters in length by default (can be configured to a maximum of 72 characters), incorporating alphabetic and numeric characters, to make password complexity stronger. Refer to the [managed credentialss](docs-content://deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md) page for examples and more details. | |
| ECK will now generate longer passwords by default for the administrative users of each Elasticsearch cluster. The password is 24 characters in length by default (can be configured to a maximum of 72 characters), incorporating alphabetic and numeric characters, to make password complexity stronger. Refer to the [managed credentials](docs-content://deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md) page for examples and more details. |
docs/release-notes/index.md
Outdated
|
|
||
| #### Automatic pod disruption budget (Enterprise feature) | ||
|
|
||
| ECK now offers better out-of-the-box PodDisruptionBudgets that automatically keep your cluster available as Pods move across nodes. The new policy calculates the number of Pods per tier that can sustain replacement and automatically generates a PodDisruptionBudget for each tier, enabling the Elasticsearch cluster to vacate Kubernetes nodes more quickly, while considering cluster health, without interruption. The documentation about [PodDisruptionBudget](docs-content://deploy-manage/deploy/cloud-on-k8s/pod-disruption-budget.md) has more informaiton and details. |
Contributor
There was a problem hiding this comment.
Suggested change
| ECK now offers better out-of-the-box PodDisruptionBudgets that automatically keep your cluster available as Pods move across nodes. The new policy calculates the number of Pods per tier that can sustain replacement and automatically generates a PodDisruptionBudget for each tier, enabling the Elasticsearch cluster to vacate Kubernetes nodes more quickly, while considering cluster health, without interruption. The documentation about [PodDisruptionBudget](docs-content://deploy-manage/deploy/cloud-on-k8s/pod-disruption-budget.md) has more informaiton and details. | |
| ECK now offers better out-of-the-box PodDisruptionBudgets that automatically keep your cluster available as Pods move across nodes. The new policy calculates the number of Pods per tier that can sustain replacement, and automatically generates a PodDisruptionBudget for each tier. This enables the Elasticsearch cluster to vacate Kubernetes nodes more quickly, while considering cluster health, without interruption. The documentation about [PodDisruptionBudget](docs-content://deploy-manage/deploy/cloud-on-k8s/pod-disruption-budget.md) has more information and details. |
docs/release-notes/known-issues.md
Outdated
|
|
||
| :::{dropdown} Elastic Agent fails to start with "cipher: message authentication failed" after re-upgrading to ECK 3.2.0, the CONFIG_PATH for Elastic Agent in Fleet mode was changed to align with the STATE_PATH (tracking [Issue #8819](https://github.com/elastic/cloud-on-k8s/issues/8819). | ||
|
|
||
| If you upgrade to 3.2.0, downgrade to a previous version (like 3.1.0), and then upgrade back to 3.2.0, the Elastic Agent pods may fail to start. This occurs because the agent, using the new CONFIG_PATH, is unable to decrypt the existing state files encrypted with keys from the old path. |
Contributor
There was a problem hiding this comment.
Suggested change
| If you upgrade to 3.2.0, downgrade to a previous version (like 3.1.0), and then upgrade back to 3.2.0, the Elastic Agent pods may fail to start. This occurs because the agent, using the new CONFIG_PATH, is unable to decrypt the existing state files encrypted with keys from the old path. | |
| If you upgrade to 3.2.0, downgrade to a previous version (like 3.1.0), and then upgrade back to 3.2.0, the Elastic Agent Pods may fail to start. This occurs because the agent, using the new CONFIG_PATH, is unable to decrypt the existing state files encrypted with keys from the old path. |
barkbay
reviewed
Oct 30, 2025
docs/release-notes/known-issues.md
Outdated
|
|
||
| ## 3.2.0 [elastic-cloud-kubernetes-320-known-issues] | ||
|
|
||
| :::{dropdown} Elastic Agent fails to start with "cipher: message authentication failed" after re-upgrading to ECK 3.2.0, the CONFIG_PATH for Elastic Agent in Fleet mode was changed to align with the STATE_PATH (tracking [Issue #8819](https://github.com/elastic/cloud-on-k8s/issues/8819). |
Contributor
There was a problem hiding this comment.
I think this is not rendered as expected:
barkbay
reviewed
Oct 30, 2025
docs/release-notes/index.md
Outdated
|
|
||
| ### Release Highlights | ||
|
|
||
| #### Automatic pod disruption budget (Enterprise feature) |
Contributor
There was a problem hiding this comment.
If think we already have automatic PDBs.
Suggested change
| #### Automatic pod disruption budget (Enterprise feature) | |
| #### Advanced PodDisruptionBudget management (Enterprise feature) |
barkbay
reviewed
Oct 30, 2025
docs/release-notes/index.md
Outdated
|
|
||
| #### User Password Generation (Enterprise feature) | ||
|
|
||
| ECK will now generate longer passwords by default for the administrative user of each Elasticsearch cluster. The password is 24 characters in length by default (can be configured to a maximum of 72 characters), incorporating alphabetic and numeric characters, to make password complexity stronger. Refer to the [managed credentialss](docs-content://deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md) page for examples and more details. |
Contributor
There was a problem hiding this comment.
ECK will now generate longer passwords by default
Did we actually change the default length? I think what is new is that this default length can be changed.
barkbay
reviewed
Oct 30, 2025
| ### Miscellaneous [elastic-cloud-kubernetes-320-miscellaneous] | ||
|
|
||
| :::{dropdown} Updated dependencies | ||
| - github.com/gkampitakis/go-snaps v0.5.13 => v0.5.15 |
Contributor
There was a problem hiding this comment.
I think one small issue here is that we no longer mention which Go version we upgraded to.
Contributor
Author
There was a problem hiding this comment.
Good point! I have updated the script to include go version changes. Looks like both 3.1 and 3.2 is with go 1.24.5.
pebrc
approved these changes
Oct 30, 2025
rhr323
added a commit
to rhr323/cloud-on-k8s
that referenced
this pull request
Oct 30, 2025
* draft release notes * added draft release highlights * reference docs added * release notes regenerated * highlights updated * added known issue * removed newline * updated dependency updates section * link to documentation from release highlights * pr titles updated * dependency list updated * review comments * title for the agent known issue * password feature description updated (cherry picked from commit 45b74f1)
Contributor
Author
💚 All backports created successfully
Questions ?Please refer to the Backport tool documentation |
rhr323
added a commit
that referenced
this pull request
Oct 31, 2025
* draft release notes * added draft release highlights * reference docs added * release notes regenerated * highlights updated * added known issue * removed newline * updated dependency updates section * link to documentation from release highlights * pr titles updated * dependency list updated * review comments * title for the agent known issue * password feature description updated (cherry picked from commit 45b74f1)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds version 3.2.0 to the release notes index.
API reference and 3rd party dependencies have also been added, otherwise the PR checks failed.